Download pdf document: Service definition
Transcript
Service Definition: T-Systems Cloud Broker T-Systems Limited Document Ref: Date: GC6-CLBRK-v01 December 2014 G-Cloud | Service Definition for Cloud Broker Table of Contents 1 Overview of the Service ................................................................................. 4 1.1 What is Cloud Broker? ..................................................................................... 4 1.2 Scope of Services ............................................................................................ 4 1.3 Cloud Broker Benefits ...................................................................................... 4 2 Detailed Service Definition ............................................................................ 5 2.1 Key elements of the Cloud Broker .................................................................... 5 2.1.1 Integrated ecosystem ....................................................................................... 6 2.1.2 Sustainable transparency ................................................................................. 6 2.1.3 Interfaces inclusive ........................................................................................... 6 2.1.4 Decision engine ................................................................................................ 6 2.1.5 Automatic scaling ............................................................................................. 6 2.1.6 Transformation engine ..................................................................................... 6 2.1.7 Public aaS / Private aaS ................................................................................... 7 2.2 The Cloud Broker Services (Base) ................................................................... 7 2.2.1 Provider support ............................................................................................... 7 2.2.2 Virtual Machines (VMs) .................................................................................... 8 2.2.3 Provision mechanism ....................................................................................... 8 2.2.4 Administration, Identity, and Role Management ............................................... 8 2.2.5 Additional services ........................................................................................... 9 2.2.6 Access ............................................................................................................. 9 2.2.7 User Manual ..................................................................................................... 9 2.3 Information Assurance ..................................................................................... 9 2.3.1 Security / Business Impact Level ...................................................................... 9 2.3.2 Details of the level of backup / restore and disaster recovery that will be provided ........................................................................................................... 9 2.3.3 Details of onboarding / offboarding processes and scope............................... 10 2.4 Service Management details .......................................................................... 10 2.4.1 Support .......................................................................................................... 10 2.4.2 Provision ready for operation .......................................................................... 10 2.4.3 Operation of the server and system components ........................................... 10 2.4.4 Maintenance windows .................................................................................... 11 2.4.5 Service Levels ................................................................................................ 11 2.4.6 Service Constraints ........................................................................................ 11 2.5 Additional Services ......................................................................................... 11 T-Systems Limited, G-Cloud-6, December 2014 Page 2 of 14 G-Cloud | Service Definition for Cloud Broker 2.6 Training .......................................................................................................... 11 2.7 Ordering and invoicing process ...................................................................... 12 2.8 Termination terms .......................................................................................... 12 2.9 Customer responsibilities ............................................................................... 12 2.10 Technical requirements .................................................................................. 12 2.11 Details of any trial service available ................................................................ 12 2.12 Service exclusions.......................................................................................... 13 3 Pricing Summary .......................................................................................... 14 3.1 Standard Service ............................................................................................ 14 3.2 Additional Services ......................................................................................... 14 T-Systems Limited, G-Cloud-6, December 2014 Page 3 of 14 G-Cloud | Service Definition for Cloud Broker 1 Overview of the Service 1.1 What is Cloud Broker? The T-Systems Cloud Broker is a central multi-cloud management portal that enables the control and administration of complex multi-cloud environments, focussing on the infrastructure layer. 1.2 Scope of Services Whether it is for a development environment, a productive environment for a specialist application or disaster recovery, there are a wide range of cloud offers on the market promising ideal benefits for the respective application scenario. This is giving rise to socalled multi-clouds in organisations: in other words, a mix of mainly unintegrated cloud solutions. A result of this is the need to maintain several management interfaces manually and in parallel. On top of that there is no integrated reporting and therefore seldom the information needed for internal charging. Multi-cloud does not only span the public or private cloud but also, for example, local virtualised environments as well. In practice and without the Cloud Broker, the multi-cloud challenge often results in being tied in to a cloud provider (vendor lock-in), which makes it impossible to switch quickly. As a result, the originally intended flexibility is lost. The Cloud Broker from T-Systems is a service layer on a highly secure platform. It allows a number of IaaS cloud environments to be linked consistently and managed with ease. A central portal provides an at-a-glance view of all integrated platforms, costs and access rights. It is a simple way to manage platforms and switch effortlessly between offerings and providers. The Cloud Broker also handles the search for the right cloud offer and migration from A to B at the touch of a button. 1.3 Cloud Broker Benefits • Central cloud portal to manage all services • Find the ideal cloud at the touch of a button • Gain transparency across all IaaS cloud solutions • Allocate costs to the correct cost centre and assign quotas to users, projects or departments • Move virtual environments with little effort • Switch cloud provider and offer with ease • Realise a wide variety of cloud promises • Respond quickly to the requirements of specialist departments • Integrate the Cloud Broker individually via the Internet or VPN T-Systems Limited, G-Cloud-6, December 2014 Page 4 of 14 G-Cloud | Service Definition for Cloud Broker 2 Detailed Service Definition 2.1 Key elements of the Cloud Broker 1 2 INTEGRATED ECOSYSTEM All cloud services managed centrally via one platform INTERFACES INCLUDED Open to integration of standardised services API* support for key vendors and technologies Amazon Web Services DSI1 3 DECISION ENGINE Definition of requirements to identify the best cloud solution Virtual environments Infrastructure as a service Customer Azure Open Stack SEGREGATED WORLDS DSI Am azon Web Services Windows Azure VS. … INTEGRATED ECOSYSTEM Windows Azure DSI1 DECISION ENGINE Amazon Web Services Customer’s data center IT department Amazon Web Services A vCloud DBCE 2 Eucalyptus Open Stack Software development env ironment B New production environment for an application Lightweight disaster recovery for virtual environment Environment to migrate from public to private cloud C 1 2 Dynamic Servi ces for Infrastructure Deutsche Börse Cloud Exchange 4 *Application programming interfaces specify how software components interact with each other 5 AUTOMATED SCALING Detection of load peaks; automatic provisioning of extra resources Around-the-clock service Application User developers department IT staff 6 TRANSFORMATION ENGINE Transfer and migration of customer workloads between providers CLOUD BROKER AS A SERVICE Two delivery models via separate network connections Transformation Engine DSI vCloud 1. Server reaches load limit 3. Up-scaling is initiated 2. Alarm is sounded Virtual environment A Server Application Monitoring Amazon Web Services Windows Azure Private network Internet Internet Image in format A 4. Provisioning of additional resources 5. Additional users are automatically directed to other instances Conversion to format B Virtual environment B T-Systems Limited, G-Cloud-6, December 2014 Modification (configuration parameters) Automated, without manual effort Public Cloud Broker Multi-tenancy cloud broker Internet Server Application Private Cloud Broker Multi-tenancy cloud broker Private network Page 5 of 14 G-Cloud | Service Definition for Cloud Broker 2.1.1 Integrated ecosystem Manage linked cloud services with ease on a central platform. You can manage all your services from the cloud provider via one access point. You can create, start, stop and delete workloads using just one interface. Cost reporting offers you full cost control and transparency at all times. You can introduce control and governance without limiting the cloud users in the range of choice. Also you are increasing the security by reducing the management complexity as well as having a central place of logging. 2.1.2 Sustainable transparency Create consolidated billing processes for all types of cloud services on a cost-centre or project basis. View all relevant cost information and flexibly manage management rights in a self-service portal, where you can see and control management activity. 2.1.3 Interfaces inclusive The Cloud Broker is open for integrating standardised services, in other words, vendor API interfaces are supported. Cloud services such as DSI vCloud from T-Systems, Amazon Web Services, Windows Azure and others are already integrated. Cloud services and also on-premise environments based on the following technologies can be integrated without any difficulty: VMware vCloud, Eucalyptus, Hewlett Packard Cloud and OpenStack. 2.1.4 Decision engine Find your ideal cloud solution at the touch of a button. Simply enter the number of CPUs, the required working memory, the desired geographical location or security requirements and the system will automatically find the most suitable IaaS cloud solution. 2.1.5 Automatic scaling For Amazon Web Service, the system continuously checks the load on the virtualised environment and automatically provides additional resources during peaks. Moreover, a load balancer enables you to distribute the load across multiple clouds. 2.1.6 Transformation engine Move and migrate workloads between providers – for example, if you want to reduce costs and decrease or increase security. What‘s more, you can create redundant scenarios and even switch between a public and a private cloud. T-Systems Limited, G-Cloud-6, December 2014 Page 6 of 14 G-Cloud | Service Definition for Cloud Broker 2.1.7 Public aaS / Private aaS The Cloud Broker is operated on T-Systems’ multi-client platform. There are two provisioning models available: with a network connection via the Internet (Public as a Service) or via a VPN (Private as a Service). 2.2 The Cloud Broker Services (Base) The Cloud Broker offers a combined solution for managing multi-cloud environments. It is an overlay management service and therefore does neither impact the underlying clouds nor interact with any data in these. The Cloud Broker has successfully completed a rigid security review by Deutsche Telekom’s group information security to ensure compliance with German and European data privacy laws. Public Clouds Cloud Management Portal Identity /Organization Management Reporting & Billing Info Alert Notification & Monitoring Budgeting & Approval Workflows Automation (Scaling, Backup) Transformation Engine User SelfServicePortal DECISION ENGINE Service Catalog Tagging Adjustable Weights Cloud Comparison Private Clouds Security Amazon Web Services FRONTEND WEB PORTAL API Connections The Cloud Broker includes the following functions and services: 2.2.1 Provider support The Cloud Broker supports different cloud infrastructure providers (CIPs). The currently supported technologies are: • VMware vCloud (e.g. T-Systems Dynamic Services for Infrastructure with VMware vCloud Datacenter Services) • Amazon Web Services (AWS) • Microsoft Azure T-Systems Limited, G-Cloud-6, December 2014 Page 7 of 14 G-Cloud | Service Definition for Cloud Broker • HP Cloud • Eucalyptus • OpenStack The Cloud Broker enables access to the management functions of different CIPs. You can log in to these providers with your account login details and then use and control resources via the central, standardised interface. The Cloud Broker includes the following functions: • The determination and listing of the available resources • VM provision and management • The provision of IP addresses • The creation, deletion, allocation, and separation of storage volumes • Creation, deletion, and provision of virtual networks and entry of information about firewalls, ports, security, and load balancing • Creation and deletion of catalogs and synchronisation with other catalogs • Snapshot management • Security group administration The function may differ depending on the CIP. Individual functions can be removed or supplemented at any time depending on the support of the CIPs. 2.2.2 Virtual Machines (VMs) The virtual machines are provided by the cloud providers or on premise by the customer. The Cloud Broker itself does not offer VMs on its own. 2.2.3 Provision mechanism The Cloud Broker is a self-service cloud service and does not require any provisioning. All that you need are your login credentials to start using the service. The provision mechanism for virtual environments in the target clouds is a key functionality of the Cloud Broker. The Cloud Broker performs specified tasks on workload levels in the cloud infrastructure via the frontend interface. This could involve routine tasks, such as starting/stopping VMs, adding/deleting VMs, user administration, etc. 2.2.4 Administration, Identity, and Role Management The customer or an administrator that has been appointed will have the opportunity to set up other users and allocate particular roles with the appropriate rights. This does not only enable a role-based system for managing clouds, it also includes a quota-setting function with approval work flows within the Cloud Broker. T-Systems Limited, G-Cloud-6, December 2014 Page 8 of 14 G-Cloud | Service Definition for Cloud Broker 2.2.5 Additional services The Cloud Broker includes additional functions, such as: • functions for the administration and storage of access data and authorisations • monitoring mechanisms • logging and reporting functions. 2.2.6 Access Your access to he Cloud Broker and use of the products will generally take place via an internet connection. Each time you access the Cloud Broker, you will authenticate using an access identification comprising a user name and password. T-Systems will send the access identification to the nominated administrator on the date of the initial provision of services. The administrator can set up additional users. The passwords may be changed by the users at any time; the initial password is to be changed immediately. 2.2.7 User Manual T-Systems will provide information for setting up and using the Cloud Broker in the form of an online manual. 2.3 2.3.1 Information Assurance Security / Business Impact Level T-Systems can confirm that it operates all cloud services based on commercial best practices supported by industry recognised certifications, including ITIL V3 and ISO 27001. Where customer requirements demand it, T-Systems will seek formal accreditation for the Cloud Broker Service on a case-by-case basis. Given our robust approach to security and information assurance, which is compliant with German Data Privacy law for example, we are confident that this service will be deemed fit to carry OFFICIAL data, as a minimum. Current Government Security Classification Policy (GSCP) states that the customer will remain responsible for obtaining accreditation of its end-to-end environment. 2.3.2 Details of the level of backup / restore and disaster recovery that will be provided Data within the Cloud Broker is backed up. Disaster recovery functionality will be added to the service as part of the release roadmap during 2015. The disaster recovery will be based on the underlying platform which is highly available even today. T-Systems Limited, G-Cloud-6, December 2014 Page 9 of 14 G-Cloud | Service Definition for Cloud Broker 2.3.3 Details of onboarding / offboarding processes and scope The Cloud Broker is a self service cloud service. Additional onboarding can be provided upon request. 2.4 2.4.1 Service Management details Support a) Online support Initial support is provided in the form of online instructions in both English and German. b) E-mail support T-Systems will provide free-of-charge support via e-mail, in order to respond to general questions as well as questions on the technical functions of the Cloud Broker portal. This support service generally responds to customer inquiries within 48 hours during weekdays. c) Technical hotline support T-Systems answers general questions on the installation and operation of The Cloud Broker on a special customer service number that is subject to a charge. The hotline is available on weekdays between 8:00am and 5:00pm Please note: The support service described under b) and c) shall only be available to the nominated customer administrator for the service; users themselves shall not be entitled to receive support. 2.4.2 Provision ready for operation The initial provision of T-Systems' services ready for operation shall be deemed to have been completed upon delivery of the login data required for access to the Cloud Broker (user ID and password). 2.4.3 Operation of the server and system components All servers and system components needed to operate the Cloud Broker shall be operated in a technically and organisationally secure high-performance computer network that is protected against attacks and unauthorised access from the Internet by a firewall system. The server and system components shall have an annual average availability of 99.0%. The Internet connection of the computer network is made redundantly over the Internet backbone of T-Systems. The features for operation and system management of this network include: • Operating hours: 24 hours a day, seven days a week • Automatic detection of faults within the computer network; • Acceptance of incident reports via e-mail. T-Systems Limited, G-Cloud-6, December 2014 Page 10 of 14 G-Cloud | Service Definition for Cloud Broker 2.4.4 Maintenance windows The Cloud Broker services may be taken out of service for maintenance purposes, in particular for changes and updates to the server configuration (maintenance window). T-Systems will keep disruption to the service caused by maintenance windows to a minimum and implement the necessary maintenance windows outside peak times, during the night. T-Systems will inform customers of the maintenance window periods in good time in advance. Maintenance window periods are not included in the calculation of availability. 2.4.5 Service Levels The service level is 99.0% measured 24x7 on a monthly base excluding scheduled maintenance windows. 2.4.6 Service Constraints The lines and connections needed for access to the Cloud Broker platform, the necessary communications equipment and the use and provision of the relevant cloud environments of the cloud infrastructure providers are not covered by this service. 2.5 Additional Services By agreement and subject to technical and operational feasibility, T-Systems can perform the following additional services against payment of a separate charge as detailed in the available price list: a) Increase in the number of usable virtual machines It is possible to increase the number of usable virtual machines in stages. b) Transformations You can carry out the migration of workloads between different cloud providers with the transformation engine. T-Systems offers various packages with a stated number of transformations per package. The packages additionally include storage space for an image library. The storage space can only be used to carry out transformations. It is not used for storing the cloud data of the individual users or for other purposes. c) Customer-specific services Separate customer-specific services and consulting can be agreed with T-Systems in accordance with the published Skills for the Information Age (SFIA) rate card. 2.6 Training The Cloud Broker is a self service cloud service. Additional training can be provided upon request. T-Systems Limited, G-Cloud-6, December 2014 Page 11 of 14 G-Cloud | Service Definition for Cloud Broker 2.7 Ordering and invoicing process Upon acceptance of the standard Terms & Conditions for the service you can start a 30 day free trial (base package). You can then submit an order for the continuous service at any time during this period. Invoicing will be on a monthly basis. 2.8 Termination terms Either Party may terminate the contractual relationship on the Cloud Broker (Base) options or the additional "increase in the number of virtual machines" services by giving three weeks' notice to the end of the month. If the contractual relationship for the Cloud Broker (Basic) options or additional services is terminated within less than one month after the initial provision of the relevant service ready for operation, the first full monthly charge will be payable. Agreements on any additional services shall end when the agreement on the standard service is terminated. The one-month test phase shall end automatically after expiry of the test phase. Access to the test version shall end automatically after the expiry of the one-month test phase. The data from the test version shall be deleted no later than 30 days after the end of the test phase. 2.9 Customer responsibilities Network connectivity to a) connect to the Cloud Broker, and b) connect to the target clouds, is excluded from this service. 2.10 Technical requirements Please see section 2.2.1 for information related to the clouds that are supported. The local virtualised environment may require specific network configuration to enable it to be addressable from the internet. T-Systems recommends the use of a cloud manager rather than opening up hyper visors to the internet. 2.11 Details of any trial service available A free one-month trial for the Cloud Broker can be ordered (subject to technical and operational feasibility) which includes a base package for the management of up to 50 virtual machines. During the test phase, no additional services are available. In addition, no availability values are guaranteed for the service during the testing phase. The trial ends automatically if not actively extended by the customer. Further information can be found at: http://test-and-order.t-systems.com/. T-Systems Limited, G-Cloud-6, December 2014 Page 12 of 14 G-Cloud | Service Definition for Cloud Broker 2.12 Service exclusions The transformation engine is only supported with T-Systems Dynamic Services for Infrastructure (DSI) vCloud and Amazon Web Services as target clouds and for certified operating systems. T-Systems Limited, G-Cloud-6, December 2014 Page 13 of 14 G-Cloud | Service Definition for Cloud Broker 3 Pricing Summary 3.1 Standard Service • Unlimited clouds • 501 Virtual Machines (VMs) • Multi-cloud management engine • Organisation structure management, quotas and reporting Cloud Broker Base Package (per Base Package, per Month) Free 30-day Trial Base Package Monthly Charge 3.2 £0.00 £392.91 Additional Services Increase in the number of usable Virtual Machines (VMs), monthly: Cloud Broker Optional Packages (per VM Pack, per month) Additional VM Pack2 1 (+501 VMs) £550.39 Additional VM Pack2 2 (+1001 VMs) £944.09 Additional VM Pack2 3 (+5001 VMs) £3,463.78 Additional VM Pack2 4 (+10001 VMs) £6,298.43 Transformation-Engine usage packages can be ordered additionally: Transformation Quotas (per Quota, per month) Transformation Quota3 x1 £279.53 Transformation Quota3 x10 £2,405.43 Transformation Quota3 x50 £12,027.10 1 The number of machines managed by the Cloud Broker. The stated price does not include the cloud service provider’s charges. All prices exclude VAT. 2 Additional VM Packs can be combined in any way by the customer. 3 Unused transformation quotas expire at the end of the contract for Cloud Broker. T-Systems Limited, G-Cloud-6, December 2014 Page 14 of 14